Actualizare de Securitate WordPress 3.0.3
WordPress 3.0 a fost o actualizare importanta a celebrei platforme de blogging. Dupa orice versiune majora a unui produs, vin si micile retusari.
Astfel a fost lansata zilele trecute versiunea 3.0.2 care remedia cateva gauri de securitate si bug-uri, dupa cum vedeti in lista de mai jos:
Remove pingback/trackback blogroll whitelisting feature as it can easily be abused. (#13887)
Fix canonical redirection for permalinks containing %category% with nested categories and paging. (#13471)
Fix occasional irrelevant error messages on plugin activation. (#15062)
Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin. (r16367, r16373)
Clarify the license in the readme (r15534)
Multisite: Fix the delete_user meta capability (r15562)
Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins (#15122)
Multisite: Fix ms-files.php content type headers when requesting a URL with a query string (#14450)
Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs (#14536)
Astazi, a fost lansata versiunea 3.0.3, care remediaza inca o vulnerabilitate:
This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.